TLS proxy in im.deuxfleurs.fr for Android 7 #17

Closed
adrien wants to merge 4 commits from feat/im-tls-proxy into main
2 changed files with 5 additions and 4 deletions
Showing only changes of commit 3e93d19347 - Show all commits

1
.gitignore vendored
View file

@ -4,3 +4,4 @@ secrets/*
cluster/*/secrets/* cluster/*/secrets/*
!cluster/*/secrets/*.sample !cluster/*/secrets/*.sample
bugs/

View file

@ -11,7 +11,7 @@ job "im-android7" {
group "rsa-ecc-proxy" { group "rsa-ecc-proxy" {
network { network {
port "api_port" { static = 8008 } port "api_port" { static = 18008 }
// port "web_port" { to = 8043 } // port "web_port" { to = 8043 }
} }
@ -23,8 +23,8 @@ job "im-android7" {
ports = [ "api_port" ] ports = [ "api_port" ]
network_mode = "host" network_mode = "host"
args = [ args = [
"openssl-listen:8008,reuseaddr,fork,verify=0,bind=0.0.0.0,cert=/var/secrets/rsa.crt,key=/var/secrets/rsa.key", "openssl-listen:18008,reuseaddr,fork,verify=0,bind=0.0.0.0,cert=/var/secrets/rsa.crt,key=/var/secrets/rsa.key",
"openssl:im.deuxfleurs.fr:8008,verify=0", "tcp:synapse.service.prod.consul:8008",
] ]
volumes = [ volumes = [
"secrets/certs:/var/secrets" "secrets/certs:/var/secrets"
@ -51,7 +51,7 @@ job "im-android7" {
address_mode = "host" address_mode = "host"
tags = [ tags = [
"rsa-ecc-proxy", "rsa-ecc-proxy",
"(diplonat (tcp_port 8008))", "(diplonat (tcp_port 18008))",
"d53-a im-android7.deuxfleurs.fr", "d53-a im-android7.deuxfleurs.fr",
# ipv6 is commented for now as socat does not listen on ipv6 now # ipv6 is commented for now as socat does not listen on ipv6 now
# "d53-aaaa im-android7.deuxfleurs.fr" # "d53-aaaa im-android7.deuxfleurs.fr"